top of page

Privacy Policy 

Last updated: [23/07/2025]

1. Introduction

This privacy policy explains how Bastille Atelier France (hereinafter "we", "us", or "our") collects, uses, and protects your personal data when you browse or make purchases on our website www.bastille-atelier.com (the "Site").

We are committed to respecting your privacy in compliance with the applicable French and European regulations, particularly the French Data Protection Act (Loi Informatique et Libertés) and the General Data Protection Regulation (GDPR – EU Regulation 2016/679).

2. Data Controller

Bastille Atelier France
Registered Office: 2 rue Fontaine sainte Geneviève 60520 Thiers-sur-Thève, France
Company Registration Number (SIRET): [SIRET Number]
Email: info@bastille-atelier.com
 

3. What Data We Collect

When you visit or make a purchase on our e-commerce website, we collect the following categories of personal data:

  • Identification data: full name, email address, phone number

  • Postal address: billing and shipping addresses

  • Order and transaction data: items purchased, order history, payment method (note: payment data is processed by a secure payment provider and never stored by us)

  • Account data: login credentials (if you create an account)

  • Browsing data: cookies, IP address, pages visited, device and browser type

  • Customer service communications: messages, emails, complaints, returns

4. Purposes of Processing

We process your personal data for the following purposes:

  • Processing and fulfilling your orders

  • Managing customer accounts and user profiles

  • Managing payments, invoicing, and delivery

  • Providing customer support and after-sales service

  • Sending order confirmations and transactional emails

  • Sending promotional emails (only with your prior consent)

  • Analyzing site traffic and improving the shopping experience

  • Complying with legal and tax obligations

5. Legal Basis for Processing

The processing of your personal data is based on the following legal grounds:

  • Contractual necessity (to process your orders)

  • Legal obligation (for tax, accounting, and anti-fraud purposes)

  • Legitimate interest (to improve our services and prevent fraud)

  • Consent (for newsletters, cookies, and marketing communications)

6. Data Recipients

Your data is processed by:

  • Our internal staff (sales, support, logistics, IT)

  • Our technical service providers: payment gateways, hosting providers, logistics/delivery partners, marketing platforms

  • Third-party authorities if legally required (tax, customs, judicial)

We ensure all our partners comply with the GDPR and only process your data on our instructions.

7. Data Retention

We retain your data for the duration necessary to fulfill the purposes listed above:

  • Customer account: 3 years after the last activity

  • Order and invoice data: 10 years (legal obligation)

  • Browsing and cookie data: up to 13 months

  • Marketing and email preferences: until you unsubscribe or withdraw consent

8. Your Rights

You have the following rights under the GDPR:

  • Right to access your personal data

  • Right to rectify incorrect or outdated data

  • Right to delete your data (except where legally required)

  • Right to object or restrict processing

  • Right to data portability (in some cases)

  • Right to withdraw your consent at any time

You can exercise these rights by contacting us at: [Email Address]
You also have the right to file a complaint with the CNIL (www.cnil.fr), the French data protection authority.

9. Cookies and Tracking Technologies

Our Site uses cookies to:

  • Enable the proper functioning of the shopping cart and user account

  • Track visitor statistics and measure audience

  • Personalize the shopping experience

  • Offer targeted advertising (with your consent)

Upon your first visit, a cookie banner allows you to accept, reject, or customize your preferences.

10. Payment Security

All payments made on our website are processed through secure, PCI-DSS-compliant platforms. We do not store your full payment information (such as credit card numbers) on our servers.

11. Data Security

We apply appropriate technical and organizational measures to protect your data:

  • SSL encryption (HTTPS)

  • Secure servers and firewalls

  • Access restricted to authorized personnel

  • Regular security audits

12. Changes to This Policy

We may update this privacy policy to reflect legal or functional changes. Users will be notified of any significant changes via the Site or by email.

bottom of page